Security & Compliance

Security & Compliance

Our clients entrust us with their #1 asset — their data.

This is why trust, privacy and information security are core to our business.

 


 

In a management climate where good business decisions are either data-driven or lucky, companies are partnering with Lexer to capitalise on their data’s potential. Often this involves sharing sensitive data which should be protected by a series of rigorous controls and audits.
Lexer confidently meets and exceeds these requirements. We maintain several security, risk and compliance initiatives, including ISO 27001:2013 certification; routine audits on our software, infrastructure and business process; and expansive ISMS and Privacy Policies.
We also leverage independent third parties to help us strengthen our security. This includes periodic network scans, continuous host scans, penetration testing and security control audits. Ensuring we have the proper tools and processes to protect the privacy and safety of our clients is our priority.

 

 


 

ISMS

A comprehensive security framework.

Our Information Security Management Systems (ISMS) policy defines all client data as restricted information and explains in detail how we protect it through a series of controls primarily outlined by ISO27001:2013.

We work with our clients to ensure the ISMS satisfies their data governance needs.

A copy of our ISMS policy is available on request.

  • Data encrypted in transit and at rest
  • Stored in secure facility
  • Access granted to appropriate personnel
  • Building on best practice security operation

 

 


 

Certification

Maintaining best-in-class security certifications.

Understanding the importance of information security in today’s data environment, Lexer chose to become ISO 27001:2013 compliant and gained full certification in 2015.

We are committed to ensuring our ISMS policy continues to meet and exceed the requirements of ISO 27001:2013.

Documentation of our certification is available on request.

  • ISO/IEC 271001:2013 Compliant
  • Last certified in 2015
  • Routine internal audits
  • Combining our ISMS and operational security

 

 


 

Dashboard Security

The latest in web and browser security.

We employ many web development best practices to ensure our clients data and usage is protected. From security systems such as Encrypted Connections (HTTPS), Two-factor authentication and a comprehensive audit log of all activity.

Built and tested upon the best practices outlined in OWASP Top 10 and CWE/SANS 25, our dashboard is under many continuous and routine tests and audits to ensure the highest of security.

  • Two-factor authentication
  • Strong password validation
  • Tested against OWASP 10, CWE/SANS 25
  • Continuous testing and validation

 

 


 

Availability

Proud to maintain a 99.9% uptime.

The design and development of our Action Cloud is geared toward ensuring our clients can enjoy the greatest possible uptime.

This commitment also manifests in the relationships we cultivate with key web service providers.

  • 99.9% uptime
  • Relationships with key hosting partners

 

 


 

Vulnerability Management

A security environment subject to rigorous, continuous testing.

Lexer undergoes regular self-run and third-party penetration tests of each aspect of our security environment, while delivering a best practice Patch Management program and the latest in cloud network and system security.

We invite our clients to schedule audits on our infrastructure and setup as required.

  • Best practice Patch Management
  • Routine penetration tests
  • Internal and third-party audits

 

 

Get in touch

Learn more about how we protect your data.

Start the Conversation